(ctx context.Context, req *rts.CheckRequest)
| 335 | } |
| 336 | |
| 337 | func (h *Handler) Check(ctx context.Context, req *rts.CheckRequest) (*rts.CheckResponse, error) { |
| 338 | var src ketoapi.TupleData |
| 339 | if req.Tuple != nil { |
| 340 | src = req.Tuple |
| 341 | } else { |
| 342 | src = req |
| 343 | } |
| 344 | |
| 345 | tuple, err := (&ketoapi.RelationTuple{}).FromDataProvider(src) |
| 346 | if err != nil { |
| 347 | return nil, err |
| 348 | } |
| 349 | |
| 350 | internalTuple, err := h.d.ReadOnlyMapper().FromTuple(ctx, tuple) |
| 351 | if err != nil { |
| 352 | return nil, err |
| 353 | } |
| 354 | allowed, err := h.d.PermissionEngine().CheckIsMember(ctx, internalTuple[0], int(req.MaxDepth)) |
| 355 | // TODO add content change handling |
| 356 | if err != nil { |
| 357 | return nil, err |
| 358 | } |
| 359 | |
| 360 | return &rts.CheckResponse{ |
| 361 | Allowed: allowed, |
| 362 | Snaptoken: "not yet implemented", |
| 363 | }, nil |
| 364 | } |
| 365 | |
| 366 | // Batch Check Permission Request Parameters |
| 367 | // |
nothing calls this directly
no test coverage detected